Head of Connectivity Mark Hall explains how adopting a secure access service edge (SASE) model could be the ideal solution for businesses that need to remain productive and efficient, no matter where their workers may be.
Chances are your business has already been transformed over the past couple of years, as the pandemic has changed the normal way of working for companies worldwide. But has your IT infrastructure been through the necessary transformation too?
Moving to a SASE model could transform not only the performance of your organisation’s IT network, but also give your business much greater control over its entire IT infrastructure too. However, if your business is considering a switch to SASE, you’re likely going to need help in planning, migrating and configuring your network.
Mark Hall, Daisy’s Head of Connectivity, sat down with IT Pro to give a first-hand account of what SASE can do for a business. In this Q&A, he talks about the benefits of SASE and how Daisy can help businesses with their deployments.
You can download the full IT Pro report below.
Mark, tell us why SASE has become increasingly relevant since the pandemic?
SASE is a phrase that Gartner came up with a couple of years ago and it’s basically the merging of that cloud-first approach to security with a cloud-first approach to the network. If you’re an IT manager that suddenly needs to put networking equipment, particularly firewalls, in potentially hundreds or thousands of branch offices, you need a way to adequately provision, manage, upgrade, and apply software and security patches from a single place, maybe even remotely.
If you are an organisation that wants to, or is being forced to work in that more modern way – either for staff-retention purposes, or because you think it makes your staff more efficient, or because your staff are reluctant to come back into the office after COVID – that presents you with challenges about how you design and build a network that still works incredibly well for that environment. The traditional way of doing it was based on a traditional office model that just doesn’t apply anymore.
People often focus on the security benefits when it comes to SASE, but the network performance benefits are huge too, right?
Security is the prerequisite to let everything else happen. You could build the best, most appropriate network for your business model, but if you can’t secure it, you’re never going to make the most out of it.
The reason that security bit is so important is because it allows you to get away from that old model of having to punt everything back to one place to secure it and then break it out. You don’t just need perimeter network security, but security throughout everything that your organisation touches. And that’s what allows you to have high-performance Internet circuits at sites, or for home workers, that just access the applications that they need directly.
SD-WAN comes with additional network performance features, such as being able to route traffic over different circuits depending on what you want the priority to be. You know what traffic type you want to have priority over others. Email could go out over 4G or a regular broadband connection, for example, but a voice or video call that needs a set amount of bandwidth, both upload and download, you might want to put that on a higher performance circuit. SD-WAN can make those real-time decisions based on the logic that you put into the network design in the first place, to make sure that you’re always using the best available bandwidth from the best available circuit.
What are the benefits of working with a partner such as Daisy when it comes to implementing SASE in your organisation?
Why not do it yourself? There are a few reasons, but it comes back to the time and management overhead. There is still a lot of time and effort that you need to spend as a network manager, with software updates and security patches coming out all the time. The number of threats there are to a corporate network has exploded in recent years and will continue to exponentially increase. Frankly, just keeping up with everything, and making sure that when it happens that you’re actually doing something with it, is becoming incredibly difficult. That’s a full-time job for quite a few people for most decent-sized organisations.
It’s getting to the point where it’s not even really a question of trying to do it in-house. You need to work with a partner that can do all of that for you and then just advise you on what the latest threats are and suggest the mitigation to those threats. And then if you want to work with a partner to manage your infrastructure, they can do that for you, and that partner could be Daisy.
Why partner with Daisy instead of other providers?
Connectivity and cyber security are two of the most mature and successful areas of our portfolio. We own and operate a core network providing over 300,000 circuits to our customers. We’ve been providing solutions as a Cisco Gold Partner for more than 20 years and have been providing managed SD-WAN solutions since 2015. That gives us a fantastic combination of scale and references, not just in SD-WAN or cyber security, but in both, which as they come together will be increasingly more important.
We have partnerships with the leading vendors globally and have top-tier accreditations with those vendors. In order to get that, you have to transact a certain amount of business in that particular product line, and you have to train and maintain a certain number of sales, pre-sales, delivery and support engineers within that product line. In short, you have to know your stuff!
On top of that, we can not only design, deploy and manage the SASE solution but also include other value-added managed services from our networks or Security Operations Centres into a single, all-encompassing service for our customers who want that bit of extra help from a partner. This also frees up their time to focus on driving their business forwards.
Explain to us how you would typically manage a SASE implementation for a customer?
When we work with a customer, we would engage with them in a consultancy pre-sale phase to understand their requirements. As part of that we would then recommend the best-fit design using the breadth of our portfolio. We would then also deliver that infrastructure for them, both in terms of the configuration of the network in the cloud, but also the physical, going to site – we go and do the site audits, we do the wireless coverage surveys, we do the cabling and install the network hardware as well.
And then, once the installation period is done, we take it on to the service level, where we do all of the break/fix maintenance associated with that hardware. We can also do the associated managed service of both that network infrastructure as well as the security elements. That management layer can vary depending on how much the customer wants to do themselves.
So, it’s an all-encompassing service that is very thorough and covers everything that a customer would expect from a managed service in this particular product set.
We’ve written previously about how Daisy can help customers with, say, Microsoft 365 rollouts. Does it help to manage SASE if you’ve previously helped customers with those kinds of rollouts?
Definitely, because ultimately the reason that SASE exists is because of a change in the way that a company’s users access their data and applications. So, if Daisy is the incumbent provider of those applications or some of those devices, we already have that picture when we go and do that consultative phase with the customer. We’re already deeply ingrained with how that network’s currently working, what that user experience looks like.
Yes, you can take away all the information that you want from various whiteboarding sessions, but you can’t really substitute having had months and years of actually managing aspects of that in real life.